package org.cgs.web.server.admin;

import java.io.IOException;
import java.sql.*;

import javax.servlet.http.*;

import org.apache.log4j.Logger;
import org.cgs.web.database.DatabaseConnector;

public final class AddInstructor extends HttpServlet
{
    private static final long serialVersionUID = 1L;
    private static final Logger LOGGER = Logger.getLogger(AddInstructor.class);

    @Override
    public void doPost(HttpServletRequest request, HttpServletResponse response) throws IOException
    {
        // Get Instructor info from the web page
        String courseCode = request.getParameter("courseCode") == null ? "" : request.getParameter("courseCode");
        String username = request.getParameter("username") == null ? "" : request.getParameter("username");
        String password = request.getParameter("password") == null ? "" : request.getParameter("password");
        String password2 = request.getParameter("password2") == null ? "" : request.getParameter("password2");
        String role = request.getParameter("role") == null ? "" : request.getParameter("role");

        // Get ready to make DB call
        Connection con = null;
        PreparedStatement pstmt = null;
        ResultSet rSet = null;
        try
        {
            if (password.equals(password2))
            {
                // Get instructor account from DB matching input
                con = DatabaseConnector.getInstance().getConnection();
                pstmt = con.prepareStatement("SELECT * FROM instructorAuthorization WHERE courseCode=? AND netID=? AND role=?", ResultSet.TYPE_FORWARD_ONLY, ResultSet.CONCUR_UPDATABLE);
                pstmt.setString(1, courseCode);
                pstmt.setString(2, username);
                pstmt.setString(3, role);
                rSet = pstmt.executeQuery();

                if (rSet.next())
                {
                    LOGGER.info("The instructor account already exists for this username, coursecode and role");
                }
                else
                {
                    try
                    {
                        rSet.close();
                    }
                    catch (Exception e)
                    {
                        LOGGER.error("Exception cleaning up result set", e);
                    }

                    try
                    {
                        pstmt.close();
                    }
                    catch (Exception e)
                    {
                        LOGGER.error("Exception cleaning up prepared statement", e);
                    }

                    pstmt = con.prepareStatement("INSERT INTO instructorAuthorization VALUES (?, ?, ?, ?)", ResultSet.TYPE_FORWARD_ONLY, ResultSet.CONCUR_UPDATABLE);
                    pstmt.setString(1, courseCode);
                    pstmt.setString(2, username);
                    pstmt.setString(3, password);
                    pstmt.setString(4, role);
                    pstmt.executeUpdate();

                    LOGGER.info("Successfully added instructor " + username + " to the list of users for course code " + courseCode);
                } // End else
            }
            else
            {
                LOGGER.info("The passwords do not match");
            }// End else
        } // End try block
        catch (Exception e)
        {
            LOGGER.error("Exception thrown while atttempting to add an instructor", e);
        }
        finally
        {
            try
            {
                // Close the ResultSet
                if (rSet != null)
                {
                    rSet.close();
                }
            }
            catch (Exception e)
            {
                LOGGER.error("Exception cleaning up result set", e);
            }

            try
            {
                // Close the PreparedStatement
                if (pstmt != null)
                {
                    pstmt.close();
                }
            }
            catch (Exception e)
            {
                LOGGER.error("Exception cleaning up prepared statement", e);
            }

            try
            {
                // Close the connection
                if (con != null)
                {
                    con.close();
                }
            }
            catch (Exception e)
            {
                LOGGER.error("Exception cleaning up connection to the database", e);
            }
        } // End finally

        response.sendRedirect("admin/adminMain.jsp");
    } // End method
} // End class
